PIA - Volpe Centralized Data Repository (VCDR)

DEPARTMENT OF TRANSPORTATION
Research & Innovative Technology Administration (RITA)

PRIVACY IMPACT ASSESSMENT

Volpe Centralized Data Repository (VCDR)

August 25, 2009

TABLE OF CONTENTS

System Overview
Information, Including Personally Identifiable Information (PII), in the System
Why VCDR Collects Information
How the VCDR Uses Information
How the VCDR Shares Information
How the VCDR Provides Notice and Consent
How the VCDR Ensures Data Accuracy
How the VCDR Provides Redress
How the VCDR Secures Information
How Long the VCDR Retains Information
System of Records Notice

System Overview

The Volpe Centralized Data Repository (VCDR) will provide a consolidated, secured, data storage system that Volpe Center employees and contractors can use to store and generate sensitive records. Volpe Center employees and contractors will transfer their sensitive LAN records to VCDR and, going forward, will create any such records in VCDR. Among other improvements, this will eliminate the need for employees and contractors to individually encrypt each LAN record that contains personally identifiable information (PII).   

The VCDR will be managed by Federal Employees within the Information Technology Division (ITD), and Contractor Support Staff. VCDR accounts will be created based on need; only those employees and contractor personnel who have LAN accounts and handle sensitive information will be VCDR account holders.  

Information, Including Personally Identifiable Information (PII), in the System

The types of sensitive information and records that may be stored or transmitted using the VCDR are the same as those currently described in the Volpe LAN PIA (e.g., personally identifiable information, confidential business information, government proprietary information, procurement-sensitive information, and security-sensitive information; in personnel records, emergency contact records, job applications, travel records, purchase card records, and other financial records). Because VCDR is a communications system, the types of PII data elements that could be in VCDR are limitless (e.g., name and home address, home telephone number, home email address, date of birth, Social Security Number, bank account information, medical information). The PII could be about any DOT employee, contractor, or member of the public who is engaged in official DOT activity.  

Why VCDR Collects Information

The VCDR is a communications system, not a system of records. It is used by Volpe Center employees and contractors in the course of conducting official DOT business to store and communicate (i.e., via email) information that they receive from, or generate for inclusion in, other systems that constitute systems of record. The VCDR collects PII only in the sense that account holders use VCDR to generate and store files containing PII and create word-processing documents, spreadsheets and other documents containing PII. Note that VCDR will not interconnect with systems other than the Volpe LAN. VCDR will not make or accept electronic data transfers from systems other than the Volpe LAN.

How the VCDR Uses Information

See "Why VCDR Collects Information." Each account holder (DOT employee or contractor) will use PII in his or her account to communicate by email with other DOT personnel, other government agency personnel, and members of the public engaged in official activity with DOT; and to process documents and information needed for the conduct of official DOT business.

How the VCDR Shares Information

The VCDR shares PII anytime an account holder sends an email containing PII to another government agency or a member of the public.

How the VCDR Provides Notice and Consent

Not applicable. Notice and consent requirements do not apply to email communications which are, by their nature, voluntary.

 How the VCDR Ensures Data Accuracy

Not applicable. Data accuracy requirements do not apply to communication systems, which do not qualify as systems of record.

How the VCDR Provides Redress

Because the VCDR will not be a system of records, it is not subject to the requirements of 5 U.S.C.552a(e)(4)(H).

How the VCDR Secures Information

Primary components of the VCDR will be accessed only by the system administration group which manages user authorization, security settings, and patching/upgrades. Each Volpe Center employee and contractor with a VCDR account will be allowed access to information in his or her VCDR account only. Physical access to the system will be restricted through security guards and access badges required to enter the Volpe facility. All Volpe Center employees and contractors are subject to the Information Systems Rules of Behavior and receive annual security awareness and privacy training.   

The VCDR will be secured by a combination of encryption, firewalls, anti-virus controls, intrusion detection and prevention systems, network controls, access lists and account creation, policing and termination processes.   

How Long the VCDR Retains Information

Each VCDR account holder (i.e., Volpe Center employee or contractor) will control the retention and deletion of information in his or her account while the account is active. A user's account(s) and directories on the VCDR will be disabled immediately after the employee or contractor leaves the Center.   

Any emails, word processing documents, spreadsheets, and other documents created or received in VCDR that constitute Federal records (i.e., any that should be preserved in order to properly document agency business) will be printed and filed in the appropriate system of records and will be disposed of in accordance with the NARA-approved retention schedule applicable to that system.

System of Records Notice

Because the VCDR will not be a system of records for purposes of the Privacy Act, a SORN is not required to be published.